Security considerations
Last revised: 2024-05-08
The cloud application metering solution is designed with data protection and user privacy in mind.
Snow has minimized the amount of collected information to ensure that only required data points are stored. No telemetry, usage data, or any other information is transferred to Snow. Snow has no access to the raw data collected by the extension, which always remains secure at customer premises.
Data collected and sent
The cloud application metering extensions collect the following data points:
-
Full URL of a website visited by a user
-
The account that the user is logged on with, that is, either the local computer account or the Active Directory account. For example, computername\username or AD\username.
-
A timestamp associated with the URL visit
The extension neither collects, examines, nor utilizes security headers, request body, or any other parameters. The collected information is stored in an encrypted file.
After a short period of time (3-5 min), the collected information is processed by the agent, and in the resulting data set the URL details are removed. This is done to ensure that the visited URL information never leaves the user’s device. Instead, only the number of hits against a cloud application metering rule is saved. The rule itself is not stored in clear text, but is instead represented by a unique RuleID that contains no details about which website it identifies.
The data that leaves the device consists of:
-
The RuleID that matches the user's activity in the browser
-
The account that the user is logged on with
-
A timestamp associated with the URL visit
The matching between the RuleID and the known application is done in the data processing pipeline. A known application is an application that has been analyzed and processed by the Data Intelligence Service (DIS).
Data encryption
All collected and processed data is stored encrypted.
This includes:
-
Temporary storage of URLs, logins, and timestamps (AES-256)
-
Storage of rules with corresponding hit numbers (AES-256)
-
Generic Snow Inventory files that are used to package the data for sending (AES-128)
Extension permissions
When the browser extension is installed, it will request permission to access browsing data, since it is a prerequisite for it to be able to perform its tasks. Different browsers have different permission models. For example, Chromium-based browsers, as well as Mozilla Firefox, by design implement an all-or-nothing permission model for an extension that requests access to all URLs visited by a user. For Snow Web Application Metering extension, this means that Chromium-based browsers and Mozilla Firefox will give it permission to read and change all data on websites visited by the user.
It is important to note that the cloud application metering browser extensions only require and collect information on the user-visited URLs, regardless of the permission model of the respective browser. The extensions do not change or read the content of the visited web pages.
The respective app store and browser will show a list of permissions that will be, or have been, given to the browser extension based on the browser's permission model, as shown in the table below.
The table shows permissions given by the browser, as stated by the browser. No matter what permissions are given, the browser extension will use them only to collect information on the user-visited URLs.
Browser | Permissions as shown in the app store and browser |
---|---|
Chromium-based browsers Google Chrome and Microsoft Edge |
|
Apple Safari |
|
Mozilla Firefox |
|
Security testing
Snow recognizes the importance of keeping the browser extensions secure as they are deployed to end-user computers and have access to websites the users visit. Therefore, Snow has started a bug bounty program, where security researchers are rewarded for finding and reporting security issues within the extensions. This facilitates continuous security assessment of the latest changes to the cloud application metering extensions.